We are in the process of building a secure network reference architecture for member firms as guidance. Are there any good examples I can use?

Security Strategy & Roadmap IT Strategy & Roadmap

1.6k views2 Comments

Sort by:

Head of PMOa year ago

There's some material on this on NCSC's website. One page of which is: Architecture and configuration - NCSC.GOV.UK and there is more if you search the site. I've seen various examples at the different public authorities where I've worked over the years but they are rarely distributed widely.

VP of IT in Retail2 years ago

I would focus on NIST and ISO/IEC 27001.

The NIST Framework - The National Institute of Standards and Technology (NIST) provides a framework for improving critical infrastructure cybersecurity. The NIST framework is notable for its focus on risk management and its adaptability, allowing it to be applied in a variety of contexts.

ISO/IEC 27001 - ISO/IEC 27001 is an international standard for information security. It provides a set of standardized requirements for an Information Security Management System (ISMS). The standard adopts a process-based approach for establishing, implementing, operating, monitoring, maintaining, and improving your ISMS.

Content you might like

What team compositions and skill sets do you think are essential for AI-enabled IT organizations? What roles or functions are critical to have as you build AI capabilities?

How are you building enterprise AI capabilities? What factors are driving your build-versus-buy-versus-partner decisions?

Our organization is subject to data retention requirements over very long periods (50 years or more). Do your organizations face similar constraints? If so, what long-term retention strategy have you implemented for these regulated data, and what technologies or solutions do you use to ensure their durability and compliance?

Are you confident in your org’s current guardrails/policies for generative AI?

Completely confident – they’re as solid as possible18%

Sort of confident – policies seem adequate53%

Slightly confident – better than nothing21%

Not at all confident – we need to redo these5%

Unsure1%

View Results

Do you have a security behavior and culture program (SBCP)?

Yes27%

We’re currently developing an SBCP26%

We’re currently exploring SBCPs25%

No, but I expect that will change13%

No, and I don’t expect that to change5%

Other (please specify)1%

View Results

We are in the process of building a secure network reference architecture for member firms as guidance. Are there any good examples I can use?

Sort by:

Content you might like

What team compositions and skill sets do you think are essential for AI-enabled IT organizations? What roles or functions are critical to have as you build AI capabilities?

How are you building enterprise AI capabilities? What factors are driving your build-versus-buy-versus-partner decisions?

Are you confident in your org’s current guardrails/policies for generative AI?

Do you have a security behavior and culture program (SBCP)?

What sets us apart?

RELATED ONE-MINUTE INSIGHTS

How are U.S. CISOs Addressing Liability Risk?

CrowdStrike Outage: Impact And Recovery

2024 Cloud Spending: IT Balances Costs with GenAI Innovations

Are U.S. Organizations Insuring Against CISO Liability Risk?

Building an Effective Executive Succession Plan

Take Your Insights On-the-Go